From a55a3b6ebd2936726c0752164c46b3224dd1129d Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Thu, 13 Aug 2020 23:46:53 +0530 Subject: [PATCH] Improve OTP service --- .../mgt/common/spi/OTPManagementService.java | 7 + .../core/otp/mgt/dao/OTPManagementDAO.java | 10 +- .../dao/impl/GenericOTPManagementDAOImpl.java | 46 ++++- .../mgt/service/OTPManagementServiceImpl.java | 63 +++++-- .../resources/email/templates/user-verify.vm | 171 +----------------- 5 files changed, 110 insertions(+), 187 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java index 2844be1f071..31948772e24 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java @@ -41,4 +41,11 @@ public interface OTPManagementService { * @throws BadRequestException if found an null value for OTP */ OneTimePinDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException; + + /** + * Invalidate the OTP + * @param oneTimeToken OTP + * @throws OTPManagementException If error occurred while invalidating the OTP + */ + void invalidateOTP(String oneTimeToken) throws OTPManagementException; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java index 86eb5e4ccf7..4c3690f5d0d 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java @@ -43,7 +43,7 @@ public interface OTPManagementDAO { * @param oneTimeToken OTP * @throws OTPManagementDAOException if error occurred while updating the OTP validity. */ - void expireOneTimeToken(String oneTimeToken) throws OTPManagementDAOException; + boolean expireOneTimeToken(String oneTimeToken) throws OTPManagementDAOException; /** * Update OTP with renewed OTP @@ -53,4 +53,12 @@ public interface OTPManagementDAO { */ void renewOneTimeToken(int id, String oneTimeToken) throws OTPManagementDAOException; + /** + * To veify whether email and email type exists or not + * @param email email + * @param emailType email type + * @return true if email and email type exists otherwise returns false + * @throws OTPManagementDAOException if error occurred while verify existance of the email and email type + */ + boolean isEmailExist (String email, String emailType) throws OTPManagementDAOException; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java index 515b2fc727a..273cf6c1a58 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java @@ -142,7 +142,7 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM } @Override - public void expireOneTimeToken(String oneTimeToken) throws OTPManagementDAOException { + public boolean expireOneTimeToken(String oneTimeToken) throws OTPManagementDAOException { if (log.isDebugEnabled()) { log.debug("Request received in DAO Layer to update an OTP data entry for OTP"); log.debug("OTP Details : OTP key : " + oneTimeToken ); @@ -158,7 +158,7 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM try (PreparedStatement stmt = conn.prepareStatement(sql)) { stmt.setBoolean(1, true); stmt.setString(2, oneTimeToken); - stmt.executeUpdate(); + return stmt.executeUpdate() == 1; } } catch (DBConnectionException e) { String msg = "Error occurred while obtaining the DB connection to update the OTP token validity."; @@ -180,7 +180,7 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM String sql = "UPDATE DM_OTP_DATA " + "SET " - + "OTP_TOKEN = ? " + + "OTP_TOKEN = ?, " + "CREATED_AT = ? " + "WHERE ID = ?"; @@ -195,11 +195,47 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM stmt.executeUpdate(); } } catch (DBConnectionException e) { - String msg = "Error occurred while obtaining the DB connection to update the OTP token validity."; + String msg = "Error occurred while obtaining the DB connection to update the OTP token."; log.error(msg, e); throw new OTPManagementDAOException(msg, e); } catch (SQLException e) { - String msg = "Error occurred when obtaining database connection for updating the OTP token validity."; + String msg = "Error occurred when executing sql query to update the OTP token."; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } + } + + @Override + public boolean isEmailExist (String email, String emailType) throws OTPManagementDAOException { + + if (log.isDebugEnabled()) { + log.debug("Request received in DAO Layer to verify whether email was registed with emai type in OTP"); + log.debug("OTP Details : email : " + email + " email type: " + emailType ); + } + + String sql = "SELECT " + + "ID " + + "FROM DM_OTP_DATA " + + "WHERE EMAIL = ? AND " + + "EMAIL_TYPE = ?"; + + try { + Connection conn = this.getDBConnection(); + try (PreparedStatement stmt = conn.prepareStatement(sql)) { + stmt.setString(1, email); + stmt.setString(2, emailType); + try (ResultSet rs = stmt.executeQuery()) { + return rs.next(); + } + } + } catch (DBConnectionException e) { + String msg = "Error occurred while obtaining the DB connection to verify email and email type exist in OTP." + + " Email: " + email + "Email Type: " + emailType; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } catch (SQLException e) { + String msg = "Error occurred while executing SQL to verify email and email type exist in OTP. Email: " + + email + "Email Type: " + emailType; log.error(msg, e); throw new OTPManagementDAOException(msg, e); } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index 1ec1bb3dce3..b326f141cc5 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -141,6 +141,35 @@ public class OTPManagementServiceImpl implements OTPManagementService { return oneTimePinDTO; } + @Override + public void invalidateOTP(String oneTimeToken) throws OTPManagementException { + try { + ConnectionManagerUtil.beginDBTransaction(); + if (!otpManagementDAO.expireOneTimeToken(oneTimeToken)) { + ConnectionManagerUtil.rollbackDBTransaction(); + String msg = "Couldn't find OTP entry for OTP: " + oneTimeToken; + log.error(msg); + throw new OTPManagementException(msg); + } + ConnectionManagerUtil.commitDBTransaction(); + } catch (OTPManagementDAOException e) { + ConnectionManagerUtil.rollbackDBTransaction(); + String msg = "Error occurred while invalidate the OTP: " + oneTimeToken; + log.error(msg); + throw new OTPManagementException(msg); + } catch (TransactionManagementException e) { + String msg = "Error occurred while disabling AutoCommit to invalidate OTP."; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } catch (DBConnectionException e) { + String msg = "Error occurred while getting database connection to invalidate OPT."; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } finally { + ConnectionManagerUtil.closeDBConnection(); + } + } + /** * Create One Time Token @@ -212,7 +241,6 @@ public class OTPManagementServiceImpl implements OTPManagementService { } String[] superTenantDetails = otpWrapper.getUsername().split("@"); - if (!MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(superTenantDetails[superTenantDetails.length - 1]) || !superTenantDetails[0].equals(kmConfig.getAdminUsername())) { String msg = "You don't have required permission to create OTP"; @@ -247,15 +275,6 @@ public class OTPManagementServiceImpl implements OTPManagementService { } tenant.setAdminLastName(lastName); break; - case OTPProperties.TENANT_ADMIN_USERNAME: - String username = property.getMetaValue(); - if (StringUtils.isBlank(username)) { - String msg = "Received empty or blank admin username field with OTP creating payload."; - log.error(msg); - throw new BadRequestException(msg); - } - tenant.setAdminName(username); - break; case OTPProperties.TENANT_ADMIN_PASSWORD: String pwd = property.getMetaValue(); if (StringUtils.isBlank(pwd)) { @@ -291,7 +310,29 @@ public class OTPManagementServiceImpl implements OTPManagementService { log.error(msg); throw new BadRequestException(msg); } - tenant.setDomain(otpWrapper.getEmail().split("@")[1]); + + try { + ConnectionManagerUtil.openDBConnection(); + if (otpManagementDAO.isEmailExist(otpWrapper.getEmail(), otpWrapper.getEmailType())) { + String msg = "Email is registered to execute the same action. Hence can't proceed."; + log.error(msg); + throw new BadRequestException(msg); + } + } catch (DBConnectionException e) { + String msg = "Error occurred while getting database connection to validate the given email and email type."; + log.error(msg); + throw new DeviceManagementException(msg); + } catch (OTPManagementDAOException e) { + String msg = "Error occurred while executing SQL query to validate the given email and email type."; + log.error(msg); + throw new DeviceManagementException(msg); + } finally { + ConnectionManagerUtil.closeDBConnection(); + } + + String[] tenantUsernameDetails = otpWrapper.getEmail().split("@"); + tenant.setAdminName(tenantUsernameDetails[0]); + tenant.setDomain(tenantUsernameDetails[tenantUsernameDetails.length - 1]); tenant.setEmail(otpWrapper.getEmail()); return tenant; } diff --git a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm index 7b0d617fc63..18e3a66a015 100644 --- a/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm +++ b/features/email-sender/org.wso2.carbon.email.sender.feature/src/main/resources/email/templates/user-verify.vm @@ -28,176 +28,7 @@
- entgra.io + entgra